2021-01-11 09:12:23 +00:00
# Nuclei Templates
[![License ](https://img.shields.io/badge/license-MIT-_red.svg )](https://opensource.org/licenses/MIT)
[![GitHub Release ](https://img.shields.io/github/release/projectdiscovery/nuclei-templates )](https://github.com/projectdiscovery/nuclei-templates/releases)
[![contributions welcome ](https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat )](https://github.com/projectdiscovery/nuclei-templates/issues)
[![Follow on Twitter ](https://img.shields.io/twitter/follow/pdnuclei.svg?logo=twitter )](https://twitter.com/pdnuclei)
[![Chat on Discord ](https://img.shields.io/discord/695645237418131507.svg?logo=discord )](https://discord.gg/KECAGdH)
Templates are the core of [nuclei scanner ](https://github.com/projectdiscovery/nuclei ) which power the actual scanning engine. This repository stores and houses various templates for the scanner provided by our team as well as contributed by the community. We hope that you also contribute by sending templates via **pull requests** or [Github issue ](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+ ) and grow the list.
2021-01-12 07:58:38 +00:00
# Resources
2021-01-11 09:12:23 +00:00
2021-01-12 07:58:38 +00:00
- [Templates ](#nuclei-templates-overview )
- [Documentation ](#-documentation )
- [Contributions ](#-contributions )
- [Discussion ](#-discussion )
- [Community ](#-community )
- [Notes ](#-notes )
### Nuclei templates overview
-----
An overview of the nuclei template directory including number of templates associated with each directory.
**Directory structure of nuclei templates:**
2021-01-11 09:12:23 +00:00
2021-01-11 09:14:17 +00:00
| Templates | Counts | Templates | Counts |
| --------------- | ------------------------------- | ---------------- | ------------------------------ |
2021-02-13 10:45:47 +00:00
| cves | 177 | default-logins | 8 |
2021-02-01 16:48:08 +00:00
| dns | 6 | exposed-panels | 74 |
2021-02-13 09:14:57 +00:00
| exposed-tokens | 9 | exposures | 45 |
2021-02-02 14:10:22 +00:00
| fuzzing | 4 | helpers | 2 |
2021-02-13 14:02:36 +00:00
| miscellaneous | 12 | misconfiguration | 43 |
2021-02-05 05:37:30 +00:00
| takeovers | 1 | technologies | 45 |
2021-02-14 11:05:47 +00:00
| vulnerabilities | 82 | workflows | 18 |
2021-01-11 09:12:23 +00:00
2021-01-12 07:58:38 +00:00
**Tree structure of nuclei templates:**
2021-01-11 09:12:23 +00:00
< details >
< summary > Nuclei templates < / summary >
```
2021-01-27 17:41:02 +00:00
├── CODE_OF_CONDUCT.md
2021-01-11 09:12:23 +00:00
├── LICENSE.md
├── README.md
├── cves
│ ├── 2005
│ │ └── CVE-2005-2428.yaml
│ ├── 2008
│ │ └── CVE-2008-2398.yaml
│ ├── 2013
│ │ └── CVE-2013-2251.yaml
│ ├── 2014
│ │ └── CVE-2014-6271.yaml
│ ├── 2017
│ │ ├── CVE-2017-10075.yaml
2021-02-04 19:46:20 +00:00
│ │ ├── CVE-2017-10271.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── CVE-2017-11444.yaml
2021-02-10 09:44:51 +00:00
│ │ ├── CVE-2017-12615.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── CVE-2017-12637.yaml
│ │ ├── CVE-2017-14537.yaml
│ │ ├── CVE-2017-14849.yaml
│ │ ├── CVE-2017-5638.yaml
│ │ ├── CVE-2017-7391.yaml
│ │ ├── CVE-2017-7615.yaml
│ │ ├── CVE-2017-9506.yaml
│ │ └── CVE-2017-9841.yaml
│ ├── 2018
│ │ ├── CVE-2018-0296.yaml
│ │ ├── CVE-2018-1000129.yaml
│ │ ├── CVE-2018-11409.yaml
│ │ ├── CVE-2018-11759.yaml
│ │ ├── CVE-2018-1247.yaml
│ │ ├── CVE-2018-1271.yaml
│ │ ├── CVE-2018-1273.yaml
│ │ ├── CVE-2018-13379.yaml
│ │ ├── CVE-2018-13380.yaml
2021-02-01 17:34:52 +00:00
│ │ ├── CVE-2018-14574.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── CVE-2018-14728.yaml
│ │ ├── CVE-2018-16341.yaml
│ │ ├── CVE-2018-16763.yaml
│ │ ├── CVE-2018-17431.yaml
│ │ ├── CVE-2018-18069.yaml
│ │ ├── CVE-2018-19386.yaml
│ │ ├── CVE-2018-19439.yaml
│ │ ├── CVE-2018-20824.yaml
│ │ ├── CVE-2018-2791.yaml
2021-02-04 08:14:20 +00:00
│ │ ├── CVE-2018-3167.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── CVE-2018-3714.yaml
│ │ ├── CVE-2018-3760.yaml
│ │ ├── CVE-2018-5230.yaml
│ │ ├── CVE-2018-7251.yaml
│ │ ├── CVE-2018-7490.yaml
2021-01-30 05:50:54 +00:00
│ │ ├── CVE-2018-8006.yaml
│ │ └── CVE-2018-8033.yaml
2021-01-11 09:12:23 +00:00
│ ├── 2019
│ │ ├── CVE-2019-10092.yaml
│ │ ├── CVE-2019-1010287.yaml
│ │ ├── CVE-2019-10475.yaml
│ │ ├── CVE-2019-11248.yaml
│ │ ├── CVE-2019-11510.yaml
│ │ ├── CVE-2019-11580.yaml
│ │ ├── CVE-2019-11581.yaml
│ │ ├── CVE-2019-11869.yaml
│ │ ├── CVE-2019-12314.yaml
│ │ ├── CVE-2019-12461.yaml
│ │ ├── CVE-2019-12593.yaml
│ │ ├── CVE-2019-12725.yaml
│ │ ├── CVE-2019-14223.yaml
│ │ ├── CVE-2019-14322.yaml
│ │ ├── CVE-2019-14696.yaml
│ │ ├── CVE-2019-14974.yaml
│ │ ├── CVE-2019-15043.yaml
│ │ ├── CVE-2019-15107.yaml
│ │ ├── CVE-2019-15858.yaml
│ │ ├── CVE-2019-16278.yaml
│ │ ├── CVE-2019-1653.yaml
│ │ ├── CVE-2019-16662.yaml
│ │ ├── CVE-2019-16759.yaml
│ │ ├── CVE-2019-16920.yaml
│ │ ├── CVE-2019-17382.yaml
2021-02-01 17:04:11 +00:00
│ │ ├── CVE-2019-17506.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── CVE-2019-17558.yaml
│ │ ├── CVE-2019-18394.yaml
│ │ ├── CVE-2019-19368.yaml
│ │ ├── CVE-2019-19781.yaml
│ │ ├── CVE-2019-19908.yaml
│ │ ├── CVE-2019-19985.yaml
│ │ ├── CVE-2019-20141.yaml
│ │ ├── CVE-2019-2588.yaml
│ │ ├── CVE-2019-2725.yaml
│ │ ├── CVE-2019-3396.yaml
│ │ ├── CVE-2019-3402.yaml
│ │ ├── CVE-2019-3799.yaml
2021-02-10 11:04:04 +00:00
│ │ ├── CVE-2019-5127.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── CVE-2019-5418.yaml
│ │ ├── CVE-2019-6112.yaml
│ │ ├── CVE-2019-6340.yaml
│ │ ├── CVE-2019-6715.yaml
│ │ ├── CVE-2019-7219.yaml
│ │ ├── CVE-2019-7256.yaml
│ │ ├── CVE-2019-7609.yaml
│ │ ├── CVE-2019-8442.yaml
│ │ ├── CVE-2019-8449.yaml
│ │ ├── CVE-2019-8451.yaml
│ │ ├── CVE-2019-8903.yaml
│ │ ├── CVE-2019-8982.yaml
2021-02-10 11:10:08 +00:00
│ │ ├── CVE-2019-9041.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── CVE-2019-9670.yaml
│ │ ├── CVE-2019-9733.yaml
│ │ ├── CVE-2019-9955.yaml
│ │ └── CVE-2019-9978.yaml
2021-01-29 18:12:08 +00:00
│ ├── 2020
│ │ ├── CVE-2020-0618.yaml
│ │ ├── CVE-2020-10148.yaml
│ │ ├── CVE-2020-11034.yaml
│ │ ├── CVE-2020-1147.yaml
2021-02-03 11:54:47 +00:00
│ │ ├── CVE-2020-11710.yaml
2021-01-29 18:12:08 +00:00
│ │ ├── CVE-2020-11738.yaml
2021-02-13 10:45:47 +00:00
│ │ ├── CVE-2020-11991.yaml
2021-01-29 18:12:08 +00:00
│ │ ├── CVE-2020-12116.yaml
│ │ ├── CVE-2020-12720.yaml
│ │ ├── CVE-2020-13167.yaml
2021-01-30 06:10:26 +00:00
│ │ ├── CVE-2020-13937.yaml
2021-01-29 18:12:08 +00:00
│ │ ├── CVE-2020-13942.yaml
│ │ ├── CVE-2020-14179.yaml
│ │ ├── CVE-2020-14181.yaml
2021-02-10 16:03:53 +00:00
│ │ ├── CVE-2020-14815.yaml
2021-01-29 18:12:08 +00:00
│ │ ├── CVE-2020-14864.yaml
│ │ ├── CVE-2020-14882.yaml
│ │ ├── CVE-2020-15129.yaml
│ │ ├── CVE-2020-15505.yaml
2021-02-10 10:52:08 +00:00
│ │ ├── CVE-2020-15568.yaml
2021-01-29 18:12:08 +00:00
│ │ ├── CVE-2020-15920.yaml
│ │ ├── CVE-2020-16846.yaml
│ │ ├── CVE-2020-16952.yaml
│ │ ├── CVE-2020-17505.yaml
│ │ ├── CVE-2020-17506.yaml
│ │ ├── CVE-2020-17518.yaml
│ │ ├── CVE-2020-17519.yaml
│ │ ├── CVE-2020-17530.yaml
│ │ ├── CVE-2020-1943.yaml
│ │ ├── CVE-2020-2096.yaml
│ │ ├── CVE-2020-2140.yaml
│ │ ├── CVE-2020-23972.yaml
│ │ ├── CVE-2020-24223.yaml
│ │ ├── CVE-2020-24312.yaml
2021-01-31 10:29:23 +00:00
│ │ ├── CVE-2020-24579.yaml
2021-02-11 19:20:47 +00:00
│ │ ├── CVE-2020-25213.yaml
2021-01-29 18:12:08 +00:00
│ │ ├── CVE-2020-2551.yaml
│ │ ├── CVE-2020-25540.yaml
│ │ ├── CVE-2020-26214.yaml
2021-01-30 13:54:36 +00:00
│ │ ├── CVE-2020-27986.yaml
2021-01-29 18:12:08 +00:00
│ │ ├── CVE-2020-3187.yaml
│ │ ├── CVE-2020-3452.yaml
2021-01-31 17:36:01 +00:00
│ │ ├── CVE-2020-35476.yaml
2021-01-29 18:12:08 +00:00
│ │ ├── CVE-2020-4463.yaml
│ │ ├── CVE-2020-5284.yaml
│ │ ├── CVE-2020-5405.yaml
│ │ ├── CVE-2020-5410.yaml
│ │ ├── CVE-2020-5412.yaml
│ │ ├── CVE-2020-5776.yaml
│ │ ├── CVE-2020-5777.yaml
│ │ ├── CVE-2020-5902.yaml
│ │ ├── CVE-2020-6287.yaml
│ │ ├── CVE-2020-7209.yaml
│ │ ├── CVE-2020-7318.yaml
│ │ ├── CVE-2020-7961.yaml
│ │ ├── CVE-2020-8091.yaml
│ │ ├── CVE-2020-8115.yaml
│ │ ├── CVE-2020-8163.yaml
│ │ ├── CVE-2020-8191.yaml
│ │ ├── CVE-2020-8193.yaml
│ │ ├── CVE-2020-8194.yaml
│ │ ├── CVE-2020-8209.yaml
│ │ ├── CVE-2020-8512.yaml
│ │ ├── CVE-2020-8515.yaml
│ │ ├── CVE-2020-8982.yaml
│ │ ├── CVE-2020-9047.yaml
│ │ ├── CVE-2020-9344.yaml
│ │ ├── CVE-2020-9376.yaml
│ │ ├── CVE-2020-9484.yaml
│ │ ├── CVE-2020-9496.yaml
│ │ └── CVE-2020-9757.yaml
│ └── 2021
2021-02-04 14:14:45 +00:00
│ ├── CVE-2021-22122.yaml
2021-01-30 12:54:40 +00:00
│ ├── CVE-2021-22873.yaml
2021-02-03 16:18:27 +00:00
│ ├── CVE-2021-25646.yaml
2021-02-09 12:58:55 +00:00
│ ├── CVE-2021-26710.yaml
2021-02-07 20:10:18 +00:00
│ ├── CVE-2021-26722.yaml
2021-02-07 15:41:28 +00:00
│ ├── CVE-2021-26723.yaml
2021-01-30 12:54:40 +00:00
│ └── CVE-2021-3019.yaml
2021-01-11 09:12:23 +00:00
├── default-logins
│ ├── activemq
│ │ └── activemq-default-login.yaml
│ ├── ambari
│ │ └── ambari-default-credentials.yaml
│ ├── apache
│ │ └── tomcat-manager-default.yaml
│ ├── grafana
│ │ └── grafana-default-credential.yaml
│ ├── ofbiz
│ │ └── ofbiz-default-credentials.yaml
│ ├── rabbitmq
│ │ └── rabbitmq-default-admin.yaml
│ ├── solarwinds
│ │ └── solarwinds-default-admin.yaml
│ └── zabbix
│ └── zabbix-default-credentials.yaml
├── dns
│ ├── azure-takeover-detection.yaml
│ ├── cname-service-detector.yaml
│ ├── dead-host-with-cname.yaml
│ ├── mx-service-detector.yaml
│ ├── servfail-refused-hosts.yaml
│ └── spoofable-spf-records-ptr.yaml
├── exposed-panels
│ ├── active-admin-exposure.yaml
│ ├── activemq-panel.yaml
│ ├── adminer-panel.yaml
│ ├── aims-password-mgmt-client.yaml
│ ├── airflow-exposure.yaml
│ ├── ambari-exposure.yaml
│ ├── ansible-tower-exposure.yaml
│ ├── atlassian-crowd-panel.yaml
│ ├── cisco-asa-panel.yaml
│ ├── citrix-adc-gateway-detect.yaml
│ ├── citrix-vpn-detect.yaml
│ ├── compal-panel.yaml
│ ├── couchdb-exposure.yaml
│ ├── couchdb-fauxton.yaml
│ ├── crxde.yaml
│ ├── django-admin-panel.yaml
│ ├── druid-console-exposure.yaml
│ ├── exposed-pagespeed-global-admin.yaml
│ ├── exposed-webalizer.yaml
│ ├── flink-exposure.yaml
│ ├── fortinet-fortigate-panel.yaml
│ ├── fortiweb-panel.yaml
│ ├── github-enterprise-detect.yaml
│ ├── gitlab-detect.yaml
│ ├── globalprotect-panel.yaml
│ ├── go-anywhere-client.yaml
│ ├── grafana-detect.yaml
│ ├── hadoop-exposure.yaml
│ ├── identityguard-selfservice-entrust.yaml
│ ├── iomega-lenovo-emc-shared-nas-detect.yaml
│ ├── jira-detect.yaml
│ ├── jmx-console.yaml
│ ├── kafka-connect-ui.yaml
│ ├── kafka-monitoring.yaml
│ ├── kafka-topics-ui.yaml
2021-02-01 16:48:08 +00:00
│ ├── key-cloak-admin-panel.yaml
2021-01-11 09:12:23 +00:00
│ ├── kubernetes-dashboard.yaml
│ ├── manage-engine-admanager-panel.yaml
│ ├── mobileiron-login.yaml
│ ├── netscaler-gateway.yaml
│ ├── network-camera-detect.yaml
│ ├── oipm-detect.yaml
│ ├── parallels-html-client.yaml
│ ├── phpmyadmin-panel.yaml
│ ├── polycom-admin-detect.yaml
2021-01-14 06:57:45 +00:00
│ ├── prometheus-exporter-detect.yaml
2021-01-14 06:00:54 +00:00
│ ├── public-tomcat-manager.yaml
2021-01-11 09:12:23 +00:00
│ ├── pulse-secure-panel.yaml
│ ├── rabbitmq-dashboard.yaml
│ ├── rocketmq-console-exposure.yaml
│ ├── rsa-self-service.yaml
│ ├── sap-hana-xsengine-panel.yaml
│ ├── sap-netweaver-detect.yaml
│ ├── sap-recon-detect.yaml
│ ├── selenoid-ui-exposure.yaml
│ ├── setup-page-exposure.yaml
│ ├── solarwinds-orion.yaml
│ ├── solr-exposure.yaml
│ ├── sonarqube-login.yaml
│ ├── sonicwall-management-panel.yaml
│ ├── sonicwall-sslvpn-panel.yaml
│ ├── sophos-fw-version-detect.yaml
│ ├── supervpn-panel.yaml
│ ├── tikiwiki-cms.yaml
│ ├── tomcat-manager-pathnormalization.yaml
│ ├── traefik-dashboard.yaml
│ ├── virtual-ema-detect.yaml
│ ├── weave-scope-dashboard-detect.yaml
│ ├── webeditors.yaml
│ ├── webmin-panel.yaml
│ ├── workspace-one-uem.yaml
│ ├── workspaceone-uem-airwatch-dashboard-detect.yaml
│ ├── yarn-manager-exposure.yaml
│ └── zipkin-exposure.yaml
├── exposed-tokens
│ ├── aws
│ │ ├── amazon-mws-auth-token-value.yaml
│ │ └── aws-access-key-value.yaml
│ ├── generic
│ │ ├── credentials-disclosure.yaml
│ │ ├── general-tokens.yaml
│ │ └── http-username-password.yaml
│ ├── google
│ │ ├── fcm-server-key.yaml
│ │ └── google-api-key.yaml
│ ├── mailchimp
│ │ └── mailchimp-api-key.yaml
│ └── slack
│ └── slack-access-token.yaml
├── exposures
│ ├── apis
│ │ ├── swagger-api.yaml
│ │ ├── wadl-api.yaml
│ │ └── wsdl-api.yaml
│ ├── backups
│ │ ├── sql-dump.yaml
│ │ └── zip-backup-files.yaml
│ ├── configs
│ │ ├── airflow-configuration-exposure.yaml
2021-01-30 05:33:44 +00:00
│ │ ├── alibaba-canal-info-leak.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── amazon-docker-config-disclosure.yaml
│ │ ├── ansible-config-disclosure.yaml
│ │ ├── composer-config.yaml
2021-02-10 20:16:18 +00:00
│ │ ├── docker-compose-config.yml
2021-01-11 09:12:23 +00:00
│ │ ├── exposed-svn.yaml
│ │ ├── git-config-nginxoffbyslash.yaml
│ │ ├── git-config.yaml
2021-02-03 11:34:35 +00:00
│ │ ├── gmail-api-client-secrets.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── htpasswd-detection.yaml
│ │ ├── laravel-env.yaml
2021-02-13 09:14:57 +00:00
│ │ ├── lvmeng-uts-disclosure.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── magento-config.yaml
│ │ ├── opcache-status-exposure.yaml
│ │ ├── owncloud-config.yaml
│ │ ├── package-json.yaml
│ │ ├── perl-status.yaml
│ │ ├── phpinfo.yaml
│ │ ├── rails-database-config.yaml
│ │ ├── redmine-db-config.yaml
│ │ ├── syfmony-profiler.yaml
│ │ ├── symfony-database-config.yaml
│ │ ├── symfony-profiler.yaml
│ │ └── web-config.yaml
│ ├── files
│ │ ├── domcfg-page.yaml
│ │ ├── drupal-install.yaml
│ │ ├── ds_store.yaml
│ │ ├── exposed-alps-spring.yaml
│ │ ├── filezilla.yaml
2021-02-04 07:49:14 +00:00
│ │ ├── golang-metrics.yaml
2021-02-13 04:56:35 +00:00
│ │ ├── keycloak-json.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── lazy-file.yaml
│ │ ├── server-private-keys.yaml
│ │ └── xprober-service.yaml
│ └── logs
│ ├── elmah-log-file.yaml
│ ├── error-logs.yaml
│ ├── rails-debug-mode.yaml
│ ├── struts-debug-mode.yaml
│ └── trace-axd-detect.yaml
├── fuzzing
│ ├── arbitrary-file-read.yaml
│ ├── directory-traversal.yaml
│ ├── generic-lfi-fuzzing.yaml
2021-02-02 14:10:22 +00:00
│ └── iis-shortname.yaml
2021-01-11 09:12:23 +00:00
├── helpers
2021-02-02 14:10:22 +00:00
│ └── payloads
│ ├── CVE-2020-5776.csv
│ └── CVE-2020-6287.xml
2021-01-11 09:12:23 +00:00
├── miscellaneous
│ ├── dir-listing.yaml
│ ├── htaccess-config.yaml
│ ├── missing-csp.yaml
│ ├── missing-hsts.yaml
│ ├── missing-x-frame-options.yaml
│ ├── ntlm-directories.yaml
│ ├── old-copyright.yaml
│ ├── robots.txt.yaml
│ ├── security.txt.yaml
│ ├── trace-method.yaml
│ ├── unencrypted-bigip-ltm-cookie.yaml
│ └── xml-schema-detect.yaml
├── misconfiguration
│ ├── aem-groovyconsole.yaml
│ ├── airflow-api-exposure.yaml
│ ├── apache-tomcat-snoop.yaml
│ ├── apc-info.yaml
│ ├── aspx-debug-mode.yaml
│ ├── aws-redirect.yaml
│ ├── cgi-test-page.yaml
│ ├── django-debug-detect.yaml
│ ├── docker-registry.yaml
│ ├── druid-monitor.yaml
│ ├── drupal-user-enum-ajax.yaml
│ ├── drupal-user-enum-redirect.yaml
│ ├── elasticsearch.yaml
2021-01-29 18:24:15 +00:00
│ ├── exposed-docker-api.yaml
2021-01-11 09:12:23 +00:00
│ ├── exposed-kibana.yaml
│ ├── exposed-service-now.yaml
│ ├── front-page-misconfig.yaml
│ ├── hadoop-unauth.yaml
2021-02-13 14:02:36 +00:00
│ ├── jboss-status.yaml
2021-01-11 09:12:23 +00:00
│ ├── jkstatus-manager.yaml
│ ├── jupyter-ipython-unauth.yaml
│ ├── kubernetes-pods.yaml
│ ├── larvel-debug.yaml
│ ├── linkerd-ssrf-detect.yaml
│ ├── manage-engine-ad-search.yaml
2021-02-13 14:02:36 +00:00
│ ├── mikrotik-graph.yaml
2021-02-04 07:49:14 +00:00
│ ├── misconfigured-docker.yaml
2021-01-21 15:02:57 +00:00
│ ├── nginx-status.yaml
2021-01-11 09:12:23 +00:00
│ ├── php-errors.yaml
2021-01-21 15:02:57 +00:00
│ ├── php-fpm-status.yaml
2021-01-11 09:12:23 +00:00
│ ├── put-method-enabled.yaml
│ ├── rack-mini-profiler.yaml
2021-02-10 15:08:03 +00:00
│ ├── salesforce-aura.yaml
2021-01-21 15:02:57 +00:00
│ ├── server-status-localhost.yaml
2021-01-11 09:12:23 +00:00
│ ├── shell-history.yaml
│ ├── sidekiq-dashboard.yaml
2021-01-28 18:37:40 +00:00
│ ├── springboot
│ │ ├── springboot-configprops.yaml
│ │ ├── springboot-env.yaml
│ │ ├── springboot-heapdump.yaml
│ │ ├── springboot-loggers.yaml
│ │ ├── springboot-mappings.yaml
│ │ └── springboot-trace.yaml
2021-01-11 09:12:23 +00:00
│ ├── symfony-debugmode.yaml
│ ├── tomcat-scripts.yaml
│ ├── unauthenticated-airflow.yaml
│ ├── unauthenticated-nacos-access.yaml
2021-02-13 14:02:36 +00:00
│ ├── unauthenticated-prtg.yaml
2021-01-11 09:12:23 +00:00
│ ├── wamp-xdebug-detect.yaml
│ └── zenphoto-installation-sensitive-info.yaml
├── takeovers
│ └── subdomain-takeover.yaml
├── technologies
│ ├── apache-detect.yaml
│ ├── artica-web-proxy-detect.yaml
│ ├── basic-auth-detection.yaml
│ ├── bigip-config-utility-detect.yaml
│ ├── cacti-detect.yaml
│ ├── clockwork-php-page.yaml
2021-01-28 18:37:40 +00:00
│ ├── detect-springboot-actuator.yaml
2021-01-11 09:12:23 +00:00
│ ├── favicon-detection.yaml
│ ├── firebase-detect.yaml
│ ├── google-storage.yaml
│ ├── graphql.yaml
│ ├── graylog-api-browser.yaml
│ ├── home-assistant.yaml
│ ├── jaspersoft-detect.yaml
│ ├── jolokia.yaml
│ ├── kibana-detect.yaml
│ ├── kong-detect.yaml
│ ├── liferay-portal-detect.yaml
│ ├── linkerd-badrule-detect.yaml
│ ├── lotus-domino-version.yaml
2021-01-16 15:29:01 +00:00
│ ├── lucee-detect.yaml
2021-01-11 09:12:23 +00:00
│ ├── magmi-detect.yaml
│ ├── mrtg-detect.yaml
│ ├── netsweeper-webadmin-detect.yaml
│ ├── nifi-detech.yaml
│ ├── oidc-detect.yaml
│ ├── pi-hole-detect.yaml
│ ├── prometheus-exposed-panel.yaml
│ ├── prtg-detect.yaml
│ ├── redmine-cli-detect.yaml
│ ├── s3-detect.yaml
│ ├── sap-netweaver-as-java-detect.yaml
│ ├── sap-netweaver-detect.yaml
2021-01-22 21:45:35 +00:00
│ ├── selea-ip-camera.yaml
2021-01-11 09:12:23 +00:00
│ ├── shiro-detect.yaml
│ ├── sql-server-reporting.yaml
│ ├── tech-detect.yaml
│ ├── telerik-dialoghandler-detect.yaml
│ ├── telerik-fileupload-detect.yaml
│ ├── terraform-detect.yaml
│ ├── tomcat-detect.yaml
│ ├── tor-socks-proxy.yaml
│ ├── waf-detect.yaml
│ ├── weblogic-detect.yaml
│ └── werkzeug-debugger-detect.yaml
├── vulnerabilities
│ ├── generic
│ │ ├── basic-cors.yaml
│ │ ├── basic-xss-prober.yaml
│ │ ├── crlf-injection.yaml
│ │ ├── top-xss-params.yaml
│ │ └── url-redirect.yaml
│ ├── ibm
│ │ ├── eclipse-help-system-xss.yaml
│ │ └── ibm-infoprint-directory-traversal.yaml
│ ├── jenkins
│ │ ├── jenkins-asyncpeople.yaml
│ │ ├── jenkins-stack-trace.yaml
│ │ └── unauthenticated-jenkin-dashboard.yaml
│ ├── jira
│ │ ├── jira-service-desk-signup.yaml
2021-02-09 21:21:35 +00:00
│ │ ├── jira-unauthenticated-adminprojects.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── jira-unauthenticated-dashboards.yaml
│ │ ├── jira-unauthenticated-popular-filters.yaml
2021-02-09 21:29:54 +00:00
│ │ ├── jira-unauthenticated-projectcategories.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── jira-unauthenticated-projects.yaml
2021-02-09 21:05:12 +00:00
│ │ ├── jira-unauthenticated-resolutions.yaml
2021-01-11 09:12:23 +00:00
│ │ └── jira-unauthenticated-user-picker.yaml
│ ├── moodle
│ │ ├── moodle-filter-jmol-lfi.yaml
│ │ └── moodle-filter-jmol-xss.yaml
│ ├── oracle
│ │ └── oracle-ebs-bispgraph-file-access.yaml
│ ├── other
2021-01-30 13:04:31 +00:00
│ │ ├── CNVD-2020-62422.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── acme-xss.yaml
2021-02-10 15:18:48 +00:00
│ │ ├── apache-flink-unauth-rce.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── aspnuke-openredirect.yaml
2021-01-31 07:26:02 +00:00
│ │ ├── bullwark-momentum-lfi.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── cached-aem-pages.yaml
2021-02-03 11:31:48 +00:00
│ │ ├── chamilo-lms-xss.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── couchdb-adminparty.yaml
│ │ ├── discourse-xss.yaml
2021-02-01 17:42:43 +00:00
│ │ ├── dlink-850L-info-leak.yaml
2021-02-01 16:48:08 +00:00
│ │ ├── keycloak-xss.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── mcafee-epo-rce.yaml
│ │ ├── microstrategy-ssrf.yaml
│ │ ├── mida-eframework-xss.yaml
│ │ ├── nginx-module-vts-xss.yaml
│ │ ├── nuuo-nvrmini2-rce.yaml
│ │ ├── pdf-signer-ssti-to-rce.yaml
2021-02-14 11:05:47 +00:00
│ │ ├── powercreator-cms-rce.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── rce-shellshock-user-agent.yaml
│ │ ├── rce-via-java-deserialization.yaml
│ │ ├── rconfig-rce.yaml
2021-02-03 12:00:32 +00:00
│ │ ├── sangfor-edr-rce.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── sick-beard-xss.yaml
2021-01-27 04:40:22 +00:00
│ │ ├── sonicwall-sslvpn-shellshock.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── symantec-messaging-gateway.yaml
│ │ ├── thinkific-redirect.yaml
│ │ ├── tikiwiki-reflected-xss.yaml
│ │ ├── twig-php-ssti.yaml
│ │ ├── vpms-auth-bypass.yaml
│ │ ├── wems-manager-xss.yaml
2021-01-31 07:26:02 +00:00
│ │ ├── wooyun-path-traversal.yaml
2021-01-11 09:12:23 +00:00
│ │ ├── yarn-resourcemanager-rce.yaml
│ │ └── zms-auth-bypass.yaml
│ ├── rails
│ │ └── rails6-xss.yaml
│ ├── springboot
│ │ ├── springboot-actuators-jolokia-xxe.yaml
│ │ └── springboot-h2-db-rce.yaml
2021-02-11 20:36:19 +00:00
│ ├── thinkcmf
│ │ ├── thinkcmf-lfi.yaml
│ │ └── thinkcmf-rce.yaml
2021-01-19 09:37:13 +00:00
│ ├── thinkphp
│ │ ├── thinkphp-2-rce.yaml
│ │ ├── thinkphp-5022-rce.yaml
│ │ ├── thinkphp-5023-rce.yaml
│ │ └── thinkphp-509-information-disclosure.yaml
2021-01-11 09:12:23 +00:00
│ ├── vmware
│ │ ├── vmware-vcenter-lfi-linux.yaml
│ │ └── vmware-vcenter-lfi.yaml
│ └── wordpress
│ ├── easy-wp-smtp-listing.yaml
│ ├── sassy-social-share.yaml
│ ├── w3c-total-cache-ssrf.yaml
│ ├── wordpress-accessible-wpconfig.yaml
│ ├── wordpress-db-backup.yaml
│ ├── wordpress-debug-log.yaml
│ ├── wordpress-directory-listing.yaml
│ ├── wordpress-emails-verification-for-woocommerce.yaml
│ ├── wordpress-emergency-script.yaml
│ ├── wordpress-installer-log.yaml
│ ├── wordpress-social-metrics-tracker.yaml
│ ├── wordpress-tmm-db-migrate.yaml
│ ├── wordpress-user-enumeration.yaml
│ ├── wordpress-wordfence-xss.yaml
2021-01-21 14:48:12 +00:00
│ ├── wordpress-wpcourses-info-disclosure.yaml
2021-01-21 17:41:50 +00:00
│ ├── wp-enabled-registration.yaml
│ └── wp-xmlrpc.yaml
2021-01-11 09:12:23 +00:00
└── workflows
├── artica-web-proxy-workflow.yaml
├── bigip-workflow.yaml
├── cisco-asa-workflow.yaml
├── grafana-workflow.yaml
├── jira-workflow.yaml
├── liferay-workflow.yaml
├── lotus-domino-workflow.yaml
├── magmi-workflow.yaml
├── mida-eframework-workflow.yaml
├── netsweeper-workflow.yaml
├── rabbitmq-workflow.yaml
├── sap-netweaver-workflow.yaml
├── solarwinds-orion-workflow.yaml
├── springboot-workflow.yaml
2021-01-19 09:37:13 +00:00
├── thinkphp-workflow.yaml
2021-01-11 09:12:23 +00:00
├── vbulletin-workflow.yaml
2021-02-04 19:46:20 +00:00
├── weblogic-workflow.yaml
2021-01-11 09:12:23 +00:00
└── wordpress-workflow.yaml
```
< / details >
2021-02-14 11:05:47 +00:00
**56 directories, 535 files**.
2021-01-11 09:12:23 +00:00
2021-01-11 09:17:15 +00:00
📖 Documentation
-----
Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to **build** new and your **own custom** templates, we have also added many example templates for easy understanding.
💪 Contributions
-----
Nuclei-templates is powered by major contributions from the community. [Template contributions ](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+ ), [Feature Requests ](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=feature_request.md&title=%5BFeature%5D+ ) and [Bug Reports ](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=bug_report.md&title=%5BBug%5D+ ) are more than welcome.
2021-01-12 07:58:38 +00:00
💬 Discussion
-----
Have questions / doubts / ideas to discuss? feel free to open a discussion using [Github discussions ](https://github.com/projectdiscovery/nuclei-templates/discussions ) board.
2021-01-11 09:17:15 +00:00
👨💻 Community
-----
You are welcomed to join our [Discord Community ](https://discord.gg/KECAGdH ). You can also follow us on [Twitter ](https://twitter.com/pdiscoveryio ) to keep up with everything related to projectdiscovery.
💡 Notes
-----
- Use YAMLlint (e.g. [yamllint ](http://www.yamllint.com/ ) to validate the syntax of templates before sending pull requests.
2021-01-11 09:12:23 +00:00
Thanks again for your contribution and keeping the community vibrant. :heart: